Simple visual authentication of documents exchanged in commerce

ABSTRACT

Verifying the integrity of a received binary object by calculating a first displayable authenticator derived from an input binary object. The first authenticator is then attached to the input binary object, producing a first composite binary object, which is sent to a remote receiver. A second composite binary object is received back from the remote receiver, wherein the second composite binary object includes a received binary object, a received first displayable authenticator, and a second displayable authenticator. A third displayable authenticator is calculated, derived from the second composite binary object, then a display of the first displayable authenticator is compared to a display of the third displayable authenticator, and verification of the integrity of the received binary object is indicated by an exact match between displays of the first and third displayable authenticators.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application is a continuation application under 35 U.S.C. §120 of U.S. patent application Ser. No. 12/257,140, filed on Oct. 23,2008, now U.S. Pat. No. 8,656,176, which claims the benefit of IndianPatent Application No. 2131/CHE/2008, filed on Sep. 1, 2008, U.S. patentapplication Ser. No. 12/257,140 and Indian Patent Application No.2131/CHE/2008 are incorporated herein by reference.

BACKGROUND

Certain commercial transactions involve participants (e.g., buyer orseller) who are not sophisticated. There may also be a mismatch inbargaining power or the like which makes it easy for one participant totake advantage of the other participant. In such situations, increasingthe confidence of the participants will facilitate commerce.

SUMMARY

The present application relates, in general, to methods of improvedauthentication of documents exchanged in commerce. The presentapplication achieves improved authentication by including visualmarkings derived from the content of the documents to be authenticated.

The foregoing is a summary and thus contains, by necessity,simplifications, generalization, and omissions of detail; consequently,those skilled in the art will appreciate that the summary isillustrative only and is not intended to be in any way limiting. Otheraspects, features, and advantages of the devices and/or processes and/orother subject matter described herein will become apparent in theteachings set forth herein. The summary is provided to introduce aselection of concepts in a simplified form that are further describedbelow in the Detailed Description. This summary is not intended toidentify key features or essential features of the claimed subjectmatter, nor is it intended to be used as an aid in determining the scopeof the claimed subject matter.

BRIEF DESCRIPTION OF THE FIGURES

The foregoing and other features of the present disclosure will becomemore fully apparent from the following description and appended claims,taken in conjunction with the accompanying drawings. Understanding thatthese drawings depict only several embodiments in accordance with thedisclosure and are, therefore, not to be considered limiting of itsscope, the disclosure will be described with additional specificity anddetail through use of the accompanying drawings.

FIG. 1 shows a typical exchange of messages according to an embodiment.

FIG. 2 shows an illustration of a buyer's binary object according to anembodiment.

FIG. 3 shows an illustration of a binary object received by the buyerfrom a seller, according to an embodiment.

DETAILED DESCRIPTION

In the following detailed description, reference is made to theaccompanying drawings, which form a part hereof. In the drawings,similar symbols typically identify similar components, unless contextdictates otherwise. The illustrative embodiments described in thedetailed description, drawings, and claims are not meant to be limiting.Other embodiments may be utilized, and other changes may be made,without departing from the spirit or scope of the subject matterpresented here. It will be readily understood that the aspects of thepresent disclosure, as generally described herein, and illustrated inthe Figures, can be arranged, substituted, combined, and designed in awide variety of different configurations, all of which are explicitlycontemplated and make part of this disclosure.

This disclosure is drawn, inter alia, to methods, apparatus, computerprograms and systems related to simple visual verification of documentsused in commerce.

Embodiments described herein describe verifying the integrity of areceived binary object by calculating a first displayable authenticatorderived from an input binary object. The first authenticator is thenattached to the input binary object, producing a first composite binaryobject, which is sent to a remote receiver. A second composite binaryobject is received back from the remote receiver, wherein the secondcomposite binary object includes a received binary object, a receivedfirst displayable authenticator, and a second displayable authenticator.A third displayable authenticator is calculated, derived from the secondcomposite binary object, then a display of the first displayableauthenticator is compared to a display of the third displayableauthenticator, and verification of the integrity of the received binaryobject is indicated by an exact match between displays of the first andthird displayable authenticators.

Electronic transactions commonly take place over the internet.Increasingly, the electronic transactions may also use a mobile phone asa terminal device. Other kinds of terminal devices may be used, forinstance a desktop PC or a laptop PC. Nothing is limited in regard tothe kind of terminal device that can be used with the embodimentsdescribed herein, unless explicitly stated. For any type of terminaldevice used, an electronic transaction includes a series of actions, andan exchange of instruments (i.e., documents) between a buyer and aseller, who typically are remotely located from each other. After theinitial browsing, selection and decision, the buyer submits a cart ofitems for purchase to the seller's website through his or her(generically, “his”) terminal device. The items may include, forinstance, goods or services. The transaction may continue with theseller presenting an invoice, the buyer agreeing to or authorizing apayment, the seller acknowledging the receipt of money (e.g., from acredit card, etc.), and the buyer acknowledging the delivery of theitems so purchased.

The transaction model described above may include supporting documentssuch as: a purchase order, which indicates the goods and services thatthe buyer is interested in buying; an invoice from the seller indicatingthe seller's conditions for making the sale (e.g., cost, payment terms,delivery term, etc.); a payment authorization by the buyer (e.g., checkor credit card information); a receipt from the seller for the payment;and proof of delivery (e.g., a mail delivery signature). These documentsare exchanged remotely, between the buyer and the online seller. Thesedocuments may also be referred herein as “legal instruments” or“instruments.”

Trust between the parties may be established by, for instance, a historyof successful transactions, or by reputation. If trust has not beenestablished, or if the trust that has been established does not apply tothe current transaction because of a significant change in the nature ofthe transaction (e.g., a different type of good or service, or a highermonetary value), the exchange of documents supporting a transaction maybe accompanied by a certain level of discomfort. For instance, the buyermay be unsure that he is exchanging these instruments with an authenticseller; or the buyer may be wary that seller may claim non-receipt ofmoney; or whether the buyer can challenge instruments produced by theseller if fraud is suspected. Conversely, the seller trusts that thepayment produced by the buyer is valid (e.g., checks are not forged;checks are drawn on an account having sufficient funds available; acredit card number has not been stolen, etc.). In order for this systemto work, the buyer and seller have faith in the system.

Typically in consumer transactions, the buyer is less sophisticated thanthe seller. For instance, the buyer maybe an individual and the selleris a commercial concern; or the buyer may be an infrequent buyer online,but the seller may frequently conduct business online with manydifferent buyers. In this kind of situation, the buyer is at adisadvantage to the seller. Further, the remoteness of the seller or thesophistication of the electronic technology may further intimidate thebuyer. The buyer may be unable to complain effectively to the seller(e.g., to whom to complain), and an unscrupulous seller may have theresources and the technical sophistication to harass the buyer. Forinstance, if this happens in a credit card transaction, the buyer may beforced to become involved in an unpleasant conflict resolution betweenthe credit card company and the seller.

In another scenario, the transaction between buyer and seller may be a“micro transaction,” i.e., a transaction having a low monetary value.The low monetary value encourages entering into a transaction morequickly and with a less intensive review of the legal instruments. Ifthe seller repudiates or otherwise does not carry out his end of thetransaction, the buyer will be unhappy but may not feel it is worth histime and effort in order to secure a refund.

It would be desirable to provide the buyer in an online transaction ahigher level of trust, similar to the level of trust that the buyerwould experience in a face to face transaction. At the same time, thecost of building trust through third party verifiers and certifiers hasto be minimized for low value retail level commerce. For instance, abuyer in an online transaction would feel more comfortable when he has aphysical invoice that cannot be repudiated by the seller, and/or anability to show the legal instruments associated with a transaction, andto be able to verify simply that the legal instruments are genuine(e.g., complete, that they are for the present transaction, and they arenot tampered with). In emerging markets, where often buyers are notsophisticated and may have limited literacy, one way of providing simpleverification is to provide a visual method to ensure that the legalinstruments are genuine. For example, in conventional commerce, aletterhead, a logo, a seal and/or a signature on the instruments of theseller builds trust. A visual verification method of this sort shouldprevent repudiation of the documents by the seller. A visual method mayemploy textual strings or the like, or may employ a method that isgraphic in nature, either alone or in combination with textual strings.A visual graphical method that is uniquely associated with theinstrument and the seller and is easily and visually recognizableprovides a robust method of document verification, particularly forunsophisticated users, or mobile users, or when micro transactions areinvolved.

Embodiments described herein are usable with other types of transactionsthat include an exchange of any kind of document involving a degree oftrust, e.g., contracts under negotiation and revision; works that are aproduct of collaboration between more than one contributor, etc. Suchtypes of transactions can benefit from a simple way to ensure that thedocuments involved are genuine.

The embodiments herein describe a visual authentication technique thatmakes a party to a transaction (e.g., the buyer) comfortable that: (1)he has non-repudiatable record of documents grouped together for aparticular transaction without the involvement of any third partycertification; and (2) he can make an immediate visual assessment ofirregularity which maybe either deliberate (e.g., fraud) or inadvertent(e.g., technical mistake or transmission error). The intent is toimprove the feeling of comfort to a buyer, in particular to anunsophisticated buyer, in a remote electronic transaction as he wouldget in a physical face to face transaction.

An embodiment of the method begins with the buyer and seller, eachhaving at least two characteristic mathematical functions embodied in acomputing device. Ordinarily, this will be the same computing device asthat which embodies a binary object that is to be exchanged as part of acommercial transaction, but a different computing device may be used ifa communication means is provided between a device embodying the binaryobject and a device embodying the mathematical functions. Typically, thebuyer and seller have separate computing devices and separatemathematical functions. In general, the buyer and seller may havediffering embodiments of this concept, i.e., the buyer and seller mayhave an unequal number of functions—any number two or greater—thatcombine together to provide a visual graphical pattern that isrecognizably unique to the buyer and/or seller. There is no relationshipor dependency of the buyer's group of functions with those of theseller.

The embodiments presented above are realizable in a computing deviceconfigured to receive an input binary object, perform functionalcomputations on the input binary object, and/or perform display-relatedcomputations. Such a device may include, for instance, any combinationof: a general purpose computer; an embedded processor; a special-purposeprocessor; a CPU; an ASIC; firmware. The computing device may furtherinclude software that carries out at least a portion of the calculationsused in the embodiments presented above.

While a function that captures the characteristic of a binary object bygenerating a unique value representative of the binary object has somesimilarities to a hash function, the embodiments described herein arenot restricted to this terminology. Rather, the function(s) used in theembodiments described herein should not be easily decipherable given theinput and output.

A hash function is a well-defined mathematical function for turning abinary object into an output that is dependent upon the content of thebinary object. The output of the hash function may be used for furtherprocessing. A good hash function used in the context of the presentapplication should map the expected inputs as evenly as possible overits output range, i.e., the hash function should exhibit gooduniformity. That is, a very large majority of the hash values in theoutput range should be generated with roughly the same probability. Thereason for this is to minimize false authentications, wherein twodifferent input binary objects produce the same hash value output. Theuniformity property should extend to subsets of all possible binaryobjects, so that a minor change in the binary object does not result ina high probability of producing the same output from the hash function.Furthermore, it is important that any alteration of the binary objectshould have a high probability of resulting in a new output that isdistinguishable from the previous one.

Examples of hash functions in the context herein may include addition ofall bytes in the binary object; or addition of a set of numbers derivedby considering strings of n bits from the binary object.

In an embodiment, the buyer's computing device contains two mathematicalfunctions referred herein as M1 _(B) and M2 _(B). Similarly, theseller's computing device contains two mathematical functions referredherein as M1 _(S) and M2 _(S). The functions may also be referred to asM1 and/or M2 if no distinction is intended between the buyer's side andthe seller's side. Various references may be made herein to the “buyer”generating M1 and/or M2, or the “seller” generating M1 and/or M2. Thosereferences should be understood as referring to the computing devices ofthe buyer or seller generating M1 and/or M2. The output of M1 and M2 arereferred herein as M1(x) and M2(x), respectively, wherein “x” representsthe content of the binary object. For instance, M1 _(B) and M1 _(S) maybe functions which, when applied to a binary object, produces a constantscalar value “A” dependent on the content of the binary object, e.g.,A=M1 _(B)(x).

M2 is a function that produces a visually and easily recognizable outputon a display device. Furthermore, when M2 is combined with M1, itproduces a visual image that a human can recognize to be similar to avisual image produced by M2 alone. However some aspect of the visualimage such as the amplitude, phase, or its orientation to the Y-axis maychange as the output of function M1 changes. This is analogous to ahuman signature, which is recognizable despite changes in size,location, orientation, color, or the pen type used to produce thesignature. M1 can change other characteristics, but a casual observershould be able to recognize easily and intuitively that M2 is the sameM2 as before, but has become distorted by M1.

Various embodiments described herein may use M1 to change differentcharacteristic of M2. For instance, M2 may be a periodic function (e.g.,a sine function) having various characteristics either of the functionM2 itself or of the display of M2, such as an amplitude ‘A’, acharacteristic frequency, a phase, a rotational angle of display, linethickness, line type, line color, darkness, fill types, animation orother time-varying display, etc. Persons skilled in the art willrecognize that many other kinds of functions may be used for M1 and/orM2, e.g., fractals, other functions having a repetitive visualrepresentation, combinations of periodic functions representable by aFourier series, etc. M2 may even produce an audible output, to provideverification by audio methods rather than visual methods. It ispreferable that M2 is periodic and repetitive so that: First, M2produces an output that is easy to recognize; and Second, M2 produces anoutput that retains its visual characteristics and is recognizable evenwhen distorted by M1.

Devices for controlling the display are well known and available forcommercial devices, such as a mouse, roller ball, track ball, joystick,pressure-sensitive pad, arrow keys, touch sensitive screen, etc.

Similarly, persons skilled in the art will recognize types of visualfunctions for M2 that are not easily recognizable, for instance afunction M2 that produces very minor and easily overlooked differencesin the output of M2 for different inputs, or a function that producespseudonoise-like output in which it is difficult for a human torecognize differences. The functions M1 and M2 are embedded in thecomputing device, and are unique to the device, yet should be exportablein a secure way so that, for instance, a user can produce a document ona home desktop PC, then later verify the returned document on a laptop.M1 and M2 are not otherwise retrievable outside of the computing device,and may be extremely difficult to reverse engineer, given only thecontent “x” of the binary object and M1(x) or M2(x). It should not bepossible to reverse engineer M1 and M2 with practical limitations ofcomputing power and computing time, in order to ensurenon-repudiatability of the exchanged binary objects.

Each time a binary object associated with the transaction at hand isgenerated, for instance an invoice, payment voucher, receipt, etc.,function M1 is applied to the binary object by the computing device. M2is then modified using M1(x), and the output of M2 is included with thebinary object, for instance by appending to the end or inserting at thebeginning. The output of M2 may also be referred to as an authenticator.The visual characteristics of M2 is thus retained but the original M2 isnot retrievable by the receiver or any other snooper as it has beendistorted by M1(x).

For example, suppose “x” represents a purchase order from a buyer, inbinary format. The buyer computes M1 _(B)(x), and modifies his own M2 byM1 _(B)(x), calling it M2 _(B), and transmits [x+M2 _(B)] to the seller,wherein the object within the brackets is a first binary object thatincludes the authenticator M2 _(B). The seller receives the purchaseorder and produces an invoice “y”.

The seller then concatenates “y” to the received purchase order (i.e.,to [x+M2 _(B)]), forming the composite object ([x+M2 _(B)]+y) andcomputes the function M1 _(S)([x+M2 _(B)]+y). Using this computedresult, M2 _(S) is generated by modifying the seller's original M2, andthe seller transmits the composite object [((x+M2 _(B))+y)+M2 _(S)] backto the buyer. This is a composite binary object including aconcatenation of the first binary object generated by the buyer, theseller's invoice, and the M2 _(S) generated by the seller. Both M2 _(B)and M2 _(S) are generated using M1 _(B) or M1 _(S) over the entirecomposite binary object generated so far up to the point at which theyare used. M2 _(B)(M1 _(B)( )) and M2 _(S)(M1 _(S)( )) have norelationship and dependency and hence are not compared. Each specific M2is compared by either party with its own previously stored respectiveM2. Its own M2 should be an exact match. The other party's M2 shouldlikewise be an exact match to its own previously stored M2, and the M2received from the other party in this round of document exchange will besimilar to but distinct from the M2 received from the other party duringearlier rounds of document exchange for this same transaction.

The buyer has stored the M1 _(B) and M2 _(B) of the object he has sentpreviously. When he receives the composite object he first detaches theextra instrument and authenticator appended by the seller, and thenrecomputes M1 _(B) and M2 _(B) on the remainder of the composite object.The stored M2 _(B) and the recomputed M2 _(B) are displayed and visuallycompared. The stored M2 _(B) and the recomputed M2 _(B) act asauthenticators, and should be identical if the received binary object isauthentic. He can also compare the previously stored M2 _(S) and the nowreceived M2 _(S). These should look similar although not exactly same.This cycle repeats with each additional document that is generated(e.g., payment information, receipt, etc.), and can repeat indefinitely,and at each iteration the visual comparisons give increased confidence.If the displays do not match at any stage, then one of the parties(typically the buyer) can terminate, reinitiate, or resume from a stepat which the party still had confidence in the transaction.

Typical operation of the embodiments here may be illustrated with thehelp of a sample transaction described below. This sample transaction isnot intended to be limiting in any way. The steps of the transactionare:

(1) Buyer stores and sends to the seller [x+M2 _(B1)], in which “x” maybe, e.g., a purchase order,

(2) Buyer receives from the seller [((x+M2 _(B1))+γ)+M2 _(S1)], in which“y” may be, e.g., an invoice.

(3) Buyer stores x, y, received M2 _(B1), and M2 _(S1).

(4) Buyer compares the sent M2 _(B1) and the received M2 _(B1). Theseshould be identical when compared visually. If they are the same itmeans the buyer's “x” has not been modified, and also it means that “y”corresponds to “x” and cannot be repudiated.

The buyer can then see the display of M2 _(S1), and the buyer can knowthat it has come from the seller if the buyer has dealt with the sellerearlier, because it should look familiar and similar to the seller's M2.In this respect it is similar to a trademark, e.g., a company logo. Ifthe buyer has not dealt with the seller before, then the buyer can waitfor the next round of composite object where he will get the seller's M2again but with a different characteristic, e.g., a different amplitude.

Each communication between the parties is in the form of a compositebinary object, which includes a binary object and M2(M1(( ) computedover at least a portion of the binary object. Each time a party of thetransaction receives a new composite binary object from the other partyof the transaction, the received binary object will include binaryobject(s) purportedly produced by the first party. Let “x” represent thebinary object originally sent by the first party, and let “x_(R)”represent the binary object received from the other party, in whichx_(R) is purported to be the same as x. The first party can confirm in asimple manner that x=x_(R) (i.e., that x_(R) is genuine) by computingM2(M1(x _(R))) and comparing to M2(M1(x)). Since M2 is a function thatproduces a displayable visual output, it will be simpler and easier todetect differences in M2(M1(x _(R))) compared to M2(M1(x)) by comparingthe displays of those functions, rather than comparing x_(R) to xdirectly. Optionally, M2(M1(x)) may be stored by the first party when xwas sent to the second party, thereby eliminating the need to recomputedM2(M1(x)) each time a new purported x_(R) is received.

Various controls over the display may be included to facilitate thecomparison of M2(M1(x _(R))) to M2(M1(x)). For instance, a “move” or“drag picture” display control can be included to move the display ofM2(M1(x _(R))) over the display of M2(M1(x)) to visually observe whetherthe two displays exactly coincide. However, the display control will notaffect visual aspects of the display of M2 which are intended to be theresult of differences in the underlying binary object. For instance, ifM2(M1(x)) produces a sine wave that differ only in phase when theunderlying binary object x changes, then the display control will notallow the display of M2(M1(x _(R))) to be moved, so that M2(M1(x _(R)))is not mistaken for M2(M1(x)), unless there is some indicator ormechanism in the display to show a phase reference point.

If the display of M2(M1(x _(R))) has been visually confirmed to exactlycoincide with the display of M2(M1(x)), then the buyer and/or seller canbe comfortable that the digital object x has not been tampered with, andthe seller cannot deny that he has received the object x from the buyerbecause the seller has sent back to the buyer the composite object thatincludes x and the seller's M2. This process may be repeated at eachstage of the transaction as additional binary digital objects aregenerated, and previous digital objects be verified at any time bycomparison of the appropriate visual displays. When the transaction iscomplete, both parties can have increased assurance that exactly thesame integrated composite instrument combining all the binary digitalobjects have been exchanged between the parties, as authenticated by M1and M2. The integrated composite instrument can be retained for futurereference in case of any dispute between the parties.

FIG. 1 illustrates a sample transaction. A first composite binarydigital object 1 is generated by a buyer, including a purchase order 1 aand the output 1 b of functions M1 _(B) and M2 _(B). The first compositebinary digital object 1 is sent by a transmission channel 2 to theseller, who receives a received first composite binary digital object 3.In the absence of transmission errors and/or deliberate tampering,digital object 3 should be the same as digital object 1. The seller thencreates a second composite binary digital object 4, which includes thereceived first composite binary digital object 3 plus a new document 4 a(e.g., an invoice) generated by the seller, and output 4 b computed overthe composite content of purchase order 1 a, the buyer's authenticator 1b and the invoice 4 a. The second composite binary digital object 4 issent back to the buyer via transmission channel 5. Channel 5 is notnecessarily the same as channel 2. The buyer receives a received secondcomposite binary digital object 6, which includes a received version 6 aof the purchase order 1 a. Let “x” refer to the content of purchaseorder 1 a, and let x_(R) refer to the content of the received version 6a. The buyer can compute and display M2 _(B)(M1 _(B)(x _(R))), andcompute and display M2 _(B)(M1 _(B)(x)), and verify the integrity ofx_(R) (i.e., that x_(R)=x) by visually comparing the displays andensuring that the displays are exactly the same. If the displays are notexactly the same, then there has been either a transmission error ordeliberate tampering with the binary digital objects.

FIGS. 2-3 illustrate another example of a transaction. In FIG. 2, abuyer has created a shopping basket 7 of items to buy. He calculates theM1 _(B) and M2 _(B) functions, producing a visual display 8, which inthe example shown is a sawtooth function. The shopping basket 7 andvisual display 8 together form a binary digital object 9. Binary digitalobject 9 is sent to the seller (not shown).

FIG. 3 illustrates a communication received back from the seller afteraccepting the order. The communication includes the buyer's purportedoriginal shopping basket 7 a, the buyer's purported visual display 8 a,along with the seller's invoice 10, a visual display 11 that is theresult of M1 _(S) and M2 _(S), and binary digital object 12. The buyercan compare purported visual display 8 a to a stored version of hisvisual display 8, and if they match exactly then the buyer can beassured that purported original shopping basket 7 a is the same asshopping basket 7. Alternatively, the buyer can recompute M1 _(B) and M2_(B) over the purported original shopping basket 7 a and verify that theresulting display is exactly the same as his original visual display 8.

There is little distinction left between hardware and softwareimplementations of aspects of systems; the use of hardware or softwareis generally (but not always, in that in certain contexts the choicebetween hardware and software can become significant) a design choicerepresenting cost vs. efficiency tradeoffs. There are various vehiclesby which processes and/or systems and/or other technologies describedherein can be effected (e.g., hardware, software, and/or firmware), andthat the preferred vehicle will vary with the context in which theprocesses and/or systems and/or other technologies are deployed. Forexample, if an implementer determines that speed and accuracy areparamount, the implementer may opt for a mainly hardware and/or firmwarevehicle; if flexibility is paramount, the implementer may opt for amainly software implementation; or, yet again alternatively, theimplementer may opt for some combination of hardware, software, and/orfirmware.

The foregoing detailed description has set forth various embodiments ofthe devices and/or processes via the use of block diagrams, flowcharts,and/or examples. Insofar as such block diagrams, flowcharts, and/orexamples contain one or more functions and/or operations, it will beunderstood by those within the art that each function and/or operationwithin such block diagrams, flowcharts, or examples can be implemented,individually and/or collectively, by a wide range of hardware, software,firmware, or virtually any combination thereof. In one embodiment,several portions of the subject matter described herein may beimplemented via Application Specific Integrated Circuits (ASICs), FieldProgrammable Gate Arrays (FPGAs), digital signal processors (DSPs), orother integrated formats. However, those skilled in the art willrecognize that some aspects of the embodiments disclosed herein, inwhole or in part, can be equivalently implemented in integratedcircuits, as one or more computer programs running on one or morecomputers (e.g., as one or more programs running on one or more computersystems), as one or more programs running on one or more processors(e.g., as one or more programs running on one or more microprocessors),as firmware, or as virtually any combination thereof, and that designingthe circuitry and/or writing the code for the software and/or firmwarewould be well within the skill of one of skill in the art in light ofthis disclosure. In addition, those skilled in the art will appreciatethat the mechanisms of the subject matter described herein are capableof being distributed as a program product in a variety of forms, andthat an illustrative embodiment of the subject matter described hereinapplies regardless of the particular type of signal bearing medium usedto actually carry out the distribution. Examples of a signal bearingmedium include, but are not limited to, the following: a recordable typemedium such as a floppy disk, a hard disk drive, a Compact Disc (CD), aDigital Video Disk (DVD), a digital tape, a computer memory, etc.; and atransmission type medium such as a digital and/or an analogcommunication medium (e.g., a fiber optic cable, a waveguide, a wiredcommunications link, a wireless communication link, etc.).

Those skilled in the art will recognize that it is common within the artto describe devices and/or processes in the fashion set forth herein,and thereafter use engineering practices to integrate such describeddevices and/or processes into data processing systems. That is, at leasta portion of the devices and/or processes described herein can beintegrated into a data processing system via a reasonable amount ofexperimentation. Those having skill in the art will recognize that atypical data processing system generally includes one or more of asystem unit housing, a video display device, a memory such as volatileand non-volatile memory, processors such as microprocessors and digitalsignal processors, computational entities such as operating systems,drivers, graphical user interfaces, and applications programs, one ormore interaction devices, such as a touch pad or screen, and/or controlsystems including feedback loops and control motors (e.g., feedback forsensing position and/or velocity; control motors for moving and/oradjusting components and/or quantities). A typical data processingsystem may be implemented utilizing any suitable commercially availablecomponents, such as those typically found in datacomputing/communication and/or network computing/communication systems.

The herein described subject matter sometimes illustrates differentcomponents contained within, or connected with, different othercomponents. It is to be understood that such depicted architectures aremerely exemplary, and that in fact many other architectures can beimplemented which achieve the same functionality. In a conceptual sense,any arrangement of components to achieve the same functionality iseffectively “associated” such that the desired functionality isachieved. Hence, any two components herein combined to achieve aparticular functionality can be seen as “associated with” each othersuch that the desired functionality is achieved, irrespective ofarchitectures or intermedial components. Likewise, any two components soassociated can also be viewed as being “operably connected”, or“operably coupled”, to each other to achieve the desired functionality,and any two components capable of being so associated can also be viewedas being “operably couplable”, to each other to achieve the desiredfunctionality. Specific examples of operably couplable include but arenot limited to physically mateable and/or physically interactingcomponents and/or wirelessly interactable and/or wirelessly interactingcomponents and/or logically interacting and/or logically interactablecomponents.

With respect to the use of substantially any plural and/or singularterms herein, those having skill in the art can translate from theplural to the singular and/or from the singular to the plural as isappropriate to the context and/or application. The varioussingular/plural permutations may be expressly set forth herein for sakeof clarity.

It will be understood by those within the art that, in general, termsused herein, and especially in the appended claims (e.g., bodies of theappended claims) are generally intended as “open” terms (e.g., the term“including” should be interpreted as “including but not limited to,” theterm “having” should be interpreted as “having at least,” the term“includes” should be interpreted as “includes but is not limited to,”etc.). It will be further understood by those within the art that if aspecific number of an introduced claim recitation is intended, such anintent will be explicitly recited in the claim, and in the absence ofsuch recitation no such intent is present. For example, as an aid tounderstanding, the following appended claims may contain usage of theintroductory phrases “at least one and one or more” to introduce claimrecitations. However, the use of such phrases should not be construed toimply that the introduction of a claim recitation by the indefinitearticles “a” or “an” limits any particular claim containing suchintroduced claim recitation to inventions containing only one suchrecitation, even when the same claim includes the introductory phrases“one or more” or “at least one” and indefinite articles such as “a” or“an” (e.g., “a” and/or “an” should typically be interpreted to mean “atleast one” or “one or more”); the same holds true for the use ofdefinite articles used to introduce claim recitations. In addition, evenif a specific number of an introduced claim recitation is explicitlyrecited, those skilled in the art will recognize that such recitationshould typically be interpreted to mean at least the recited number(e.g., the re recitation of “two recitations,” without other modifiers,typically means at least two recitations, or two or more recitations).Furthermore, in those instances where a convention analogous to “atleast one of A, B and C,” etc. is used, in general such a constructionis intended in the sense one having skill in the art would understandthe convention (e.g., “a system having at least one of A, B and C” wouldinclude but not be limited to systems that have A alone, B alone, Calone, A and B together, A and C together, B and C together, and/or A, Band C together, etc.). In those instances where a convention analogousto “that least one of A, B or C, etc.” is used, in general such aconstruction is intended in the sense one having skill in the art wouldunderstand the convention (e.g., “a system having at least one of A, B,or C” would include but not be limited to systems that have A alone, Balone, C alone, A and B together, A and C together, B and C together,and/or A, B and C together, etc.). It will be further understood bythose within the art that virtually any disjunctive word and/or phrasepresenting two or more alternative terms, whether in the description,claims, or drawings, should be understood to contemplate thepossibilities of including one of the terms, either of the terms, orboth terms. For example, the phrase “A or B” will be understood toinclude the possibilities of “A” or “B” or “A and B.”

All references, including but not limited to patents, patentapplications, and non-patent literature are hereby incorporated byreference herein in their entirety.

While various aspects and embodiments have been disclosed herein, otheraspects and embodiments will be apparent to those skilled in the art.The various aspects and embodiments disclosed herein are for purposes ofillustration and are not intended to be limiting, with the true scopeand spirit being indicated by the following claims.

The invention claimed is:
 1. A method, comprising: receiving, by aseller computing device, a first composite binary digital object from abuyer computing device, wherein the first composite binary digitalobject includes a first displayable authenticator that is computed andstored at the buyer computing device, and wherein the first displayableauthenticator is attached to a first binary object that is to beexchanged as part of a transaction; calculating, by the seller computingdevice, a second composite binary digital object that comprises: thefirst composite binary digital object; a second binary object; and asecond displayable authenticator derived from the first composite binarydigital object and the second binary object; transmitting, by the sellercomputing device, the second composite binary digital object to thebuyer computing device that is configured to verify an integrity of thesecond composite binary digital object, wherein the verificationcomprises a detachment of the second binary object and the seconddisplayable authenticator from the second composite binary digitalobject, a recomputation of the first displayable authenticator from aremainder of the second composite binary digital object, and acomparison of the recomputed first displayable authenticator and thestored first displayable authenticator; in response to a determinationthat the recomputed first displayable authenticator is visually similarto the stored first displayable authenticator based on the comparison,receiving, by the seller computing device, a request for the transactionfrom the buyer computing device, wherein the request is associated withone or more items defined in the first composite binary digital object;and in response to the received request for the transaction, providing,by the seller computing device, the one or more items to a user of thebuyer computing device.
 2. The method of claim 1, wherein the buyercomputing device is configured to facilitate a comparison of a displayof the recomputed first displayable authenticator and a display of thestored first displayable authenticator.
 3. The method of claim 2,wherein the comparison of the display of the recomputed firstdisplayable authenticator and the display of the stored firstdisplayable authenticator is based on a match between the display of therecomputed first displayable authenticator and the display of the storedfirst displayable authenticator.
 4. The method of claim 1, wherein thebuyer computing device is further configured to compute the firstdisplayable authenticator.
 5. The method of claim 4, wherein thecomputation of the first displayable authenticator comprises:calculating a first function responsive to the first binary object; andcalculating a second function responsive to the first function, whereinthe second function produces the first displayable authenticator.
 6. Anapparatus, comprising: a seller computing device configured to: receivea first composite binary digital object from a buyer computing device,wherein the first composite binary digital object includes a firstdisplayable authenticator that is computed and stored at the buyercomputing device, and wherein the first displayable authenticator isattached to a first binary object that is to be exchanged as part of atransaction; calculate a second composite binary digital object thatcomprises: the first composite binary digital object; a second binaryobject; and a second displayable authenticator derived from the firstcomposite binary digital object and the second binary object; transmitthe second composite binary digital object to the buyer computing devicethat is configured to verify an integrity of the second composite binarydigital object, wherein the verification comprises a detachment of thesecond binary object and the second displayable authenticator from thesecond composite binary digital object, a recomputation of the firstdisplayable authenticator from a remainder of the second compositebinary digital object, and a comparison of the recomputed firstdisplayable authenticator and the stored first displayableauthenticator; in response to a determination that the recomputed firstdisplayable authenticator is visually similar to the stored firstdisplayable authenticator based on the comparison, receiving, by theseller computing device, a request for the transaction from the buyercomputing device, wherein the request is associated with one or moreitems defined in the first composite binary digital object; and inresponse to the received request for the transaction, provide the one ormore items to a user of the buyer computing device.
 7. The apparatus ofclaim 6, wherein the buyer computing device is further configured tofacilitate a comparison of a display of the recomputed first displayableauthenticator and a display of the stored first displayableauthenticator.
 8. The apparatus of claim 7, wherein the comparison ofthe display of the recomputed first displayable authenticator and thedisplay of the stored first displayable authenticator is based on amatch between the display of the recomputed first displayableauthenticator and the display of the stored first displayableauthenticator.
 9. The apparatus of claim 6, wherein the buyer computingdevice is further configured to compute the first displayableauthenticator.
 10. The apparatus of claim 9, wherein to compute thefirst displayable authenticator, the buyer computing device isconfigured to: calculate a first function responsive to the first binaryobject; and calculate a second function responsive to the firstfunction, wherein the second function produces the first displayableauthenticator.
 11. A non-transitory computer-readable medium storingexecutable instructions that, when executed, cause a seller computingdevice to perform operations comprising: receiving, by the sellercomputing device, a first composite binary digital object from a buyercomputing device, wherein the first composite binary digital objectincludes a first displayable authenticator that is computed and storedat the buyer computing device, and wherein the first displayableauthenticator is attached to a first binary object that is to beexchanged as part of a transaction; calculating, by the seller computingdevice, a second composite binary digital object that comprises: thefirst composite binary digital object; a second binary object; and asecond displayable authenticator derived from the first composite binarydigital object and the second binary object; transmitting, by the sellercomputing device, the second composite binary digital object to thebuyer computing device that is configured to verify an integrity of thesecond composite binary digital object, wherein the verificationcomprises a detachment of the second binary object and the seconddisplayable authenticator from the second composite binary digitalobject, a recomputation of the first displayable authenticator from aremainder of the second composite binary digital object, and acomparison of the recomputed first displayable authenticator and thestored first displayable authenticator; in response to a determinationthat the recomputed first displayable authenticator is visually similarto the stored first displayable authenticator based on the comparison,receiving, by the seller computing device, a request for the transactionfrom the buyer computing device, wherein the request is associated withone or more items defined in the first composite binary digital object;and in response to the received request for the transaction, providing,by the seller computing device, the one or more items to a user of thebuyer computing device.
 12. The non-transitory computer-readable mediumof claim 11, wherein the buyer computing device is further configured tofacilitate a comparison of a display of the recomputed first displayableauthenticator and a display of the stored first displayableauthenticator.
 13. The non-transitory computer-readable medium of claim12, wherein the comparison of the display of the recomputed firstdisplayable authenticator and the display of the stored firstdisplayable authenticator is based on a match between the display of therecomputed first displayable authenticator and the display of the storedfirst displayable authenticator.
 14. The non-transitorycomputer-readable medium of claim 11, wherein the buyer computing deviceis further configured to compute the first displayable authenticator.15. The non-transitory computer-readable medium of claim 14, wherein thecomputation of the first displayable authenticator comprises: calculatea first function responsive to the first binary object; and calculate asecond function responsive to the first function, wherein the secondfunction produces the first displayable authenticator.
 16. Thenon-transitory computer-readable medium of claim 11, wherein the buyercomputing device is further configured to produce a scalar valueresponsive to the first binary object.
 17. The non-transitorycomputer-readable medium of claim 11, wherein the buyer computing deviceis further configured to produce a periodic display as the firstdisplayable authenticator.